﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Cryptography;
using System.Data;
using DBUtility;
using System.Web.Security;


namespace DAL
{
    public class UserDAL
    {
        /// <summary>
        /// 登录 用户名密码
        /// </summary>
        public bool GetUserInfoByName(string name, string password, out string id)
        {
            bool  lb_return =false;
            id = "-1";

            DataTable dt = new DataTable();
            StringBuilder commandText = new StringBuilder();

            string md5 = GetMD5Hash(password);
            int Num = 0;
          

            commandText.Append(" select COUNT(*) ");
            commandText.Append(" from master ");
            commandText.Append(" where NAME='" + name + "' ");
            commandText.Append(" and PASSWORD='" + md5 + "'");

            try
            {
                DbHelperOra.connectionString = System.Configuration.ConfigurationSettings.AppSettings["ConnectionString"];
                Object obj = DbHelperOra.GetSingle(commandText.ToString());
                if (!Object.Equals(obj, null))
                {
                    Num = int.Parse(obj.ToString());
                }
                DataSet ds = DbHelperOra.Query(commandText.ToString());

            }
            catch (Exception ex)
            {
                throw ex;
            }

            if (Num > 0) { lb_return = true; id = GetId(name, md5); }

            return lb_return;
        }

        /// <summary>
        /// 根据扫描枪扫描的数据判断是否存在此用户
        /// </summary>
        /// <param name="name"></param>
        /// <param name="password"></param>
        /// <param name="id"></param>
        /// <returns></returns>
        public bool GetUserInfoByUserID(string userid, out string id,out string name)
        {
            string lb_return = "0";
            id = "-1";
            name = "";
            bool result = false;

            DataTable dt = new DataTable();
            StringBuilder commandText = new StringBuilder();

            commandText.Append("select t.id,t.name from master t where t.userid='" + userid + "' ");
           
            try
            {
                DbHelperOra.connectionString = System.Configuration.ConfigurationSettings.AppSettings["ConnectionString"];
                dt = DbHelperOra.QueryTable(commandText.ToString());
                if (dt != null && dt.Rows.Count > 0)
                {
                    if (dt != null && dt.Rows.Count > 0)

                        result = true;
                    id = dt.Rows[0]["id"].ToString().Trim();
                    name = dt.Rows[0]["name"].ToString().Trim();                    
                }            

            }
            catch (Exception ex)
            {
                throw ex;
            }

            return result;
        }
        

        public static string GetMD5Hash(String Password)
        {
            //var md5 = new MD5CryptoServiceProvider();
            //string t2 = BitConverter.ToString(md5.ComputeHash(Encoding.Default.GetBytes(Password)), 4, 8);
            //t2 = t2.Replace("-", "");
            //return t2;
            return FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "MD5").ToUpper().Substring(8, 16);
        }

        public string GetId(string name, string md5)
        {
            string id = "";
            DataTable dt = new DataTable();
            StringBuilder commandText = new StringBuilder();

            commandText.Append(" select MAX(ID) ");
            commandText.Append(" from master ");
            commandText.Append(" where NAME='" + name + "' ");
            commandText.Append(" and PASSWORD='" + md5 + "'");
            try
            {
                DbHelperOra.connectionString = System.Configuration.ConfigurationSettings.AppSettings["ConnectionString"];
                Object obj = DbHelperOra.GetSingle(commandText.ToString());
                if (!Object.Equals(obj, null))
                {
                    id = obj.ToString();
                }

            }
            catch (Exception ex)
            {
                throw ex;
            }
            return id;
        }

    }
}
